Thank you for being a valued part of the CNET community. As of December 1, 2020, the forums are in read-only format. In early 2021, CNET Forums will no longer be available. We are grateful for the participation and advice you have provided to one another over the years.

Thanks,

CNET Support

General discussion

Oracle Patches Security Flaws

Dec 9, 2003 6:14AM PST

Serious vulnerabilities discovered in server products.

Robert McMillan, IDG News Service
Tuesday, December 09, 2003
Oracle has issued a security alert and software patches for a set of serious vulnerabilities in the security protocols used by some of its server products.

The flaws affect certain versions of Oracle's 8i and 9i Database Server, Oracle 9i Application Server, and versions 8 and 9 of the Oracle HTTP Server, according to the alert, which is dated December 4.

Any client that can access an affected Oracle server could exploit the vulnerabilities, according to the alert, which characterizes users' risk of exposure from the vulnerability as "high." Oracle "strongly recommends" that users apply patches for these vulnerabilities and said there were no alternate workarounds to correct the issues.

More: http://www.pcworld.com/news/article/0,aid,113810,tk,dn120903X,00.asp

Discussion is locked